[Git][security-tracker-team/security-tracker][master] mediawiki CVEfied

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sat Oct 5 16:11:18 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9b130b74 by Moritz Muehlenhoff at 2024-10-05T17:10:25+02:00
mediawiki CVEfied

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,9 @@ CVE-2024-8743 (The Bit File Manager \u2013 100% Free & Open Source File Manager
 CVE-2024-8486 (The Shortcodes and extra features for Phlox theme plugin for WordPress ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-47913 (An issue was discovered in the AbuseFilter extension for MediaWiki bef ...)
-	TODO: check
+	- mediawiki 1:1.39.10-1
+	NOTE: https://phabricator.wikimedia.org/T372998
+	NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1076855
 CVE-2024-47911 (In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerabilit ...)
 	NOT-FOR-US: SonarSource SonarQube
 CVE-2024-47910 (An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and  ...)
@@ -338,9 +340,6 @@ CVE-2024-25590 (An attacker can publish a zone containing specific Resource Reco
 	- pdns-recursor <unfixed> (bug #1083285)
 	[bullseye] - pdns-recursor <end-of-life> (No longer supported with security updates in Bullseye)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/10/03/3
-CVE-2024-XXXX [abusefilter information leak]
-	- mediawiki 1:1.39.10-1
-	NOTE: https://phabricator.wikimedia.org/T372998
 CVE-2024-8352 (The Social Web Suite \u2013 Social Media Auto Post, Social Media Auto  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8159 (Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulne ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b130b74198ec667e073e86b197e750fdd85bff2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b130b74198ec667e073e86b197e750fdd85bff2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241005/5f8c5007/attachment.htm>

More information about the debian-security-tracker-commits mailing list